package com.zhongyouyun.other.aspect;

import cn.hutool.core.util.ObjectUtil;
import cn.hutool.core.util.StrUtil;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.zhongyouyun.admin.model.DeptModel;
import com.zhongyouyun.admin.model.RoleModel;
import com.zhongyouyun.admin.model.UserModel;
import com.zhongyouyun.config.RedisConfig;
import com.zhongyouyun.other.annotation.DataAuthScope;
import com.zhongyouyun.other.annotation.XianMuAuthScope;
import com.zhongyouyun.utils.LongUtil;
import com.zhongyouyun.utils.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.After;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.springframework.stereotype.Component;
import org.springframework.util.CollectionUtils;
import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.RequestContextHolder;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.ArrayList;
import java.util.List;

/**
 * 数据过滤处理
 *
 * @author wangfenglei
 */
@Aspect
@Component
public class XianMuAuthAspesct {
    public static final ThreadLocal XIANG_MU_TYPE_LOCAL = new ThreadLocal();
    @Resource
    private RedisConfig redisConfig;

    @Before("@annotation(controllerxianMuAuthScope)")
    public void doBefore(JoinPoint point, XianMuAuthScope controllerxianMuAuthScope) throws Throwable {
        XIANG_MU_TYPE_LOCAL.remove();
        handleDataAuthScope(point, controllerxianMuAuthScope);
    }

    @After("@annotation(controllerxianMuAuthScope)")
    public void doAfter(XianMuAuthScope controllerxianMuAuthScope) throws Throwable {
        //清空数据权限拼接SQL
        XIANG_MU_TYPE_LOCAL.remove();
    }

    /**
     * 处理数据权限
     *
     * @param joinPoint     切面
     * @param xianMuAuthScope 数据权限
     */
    protected void handleDataAuthScope(final JoinPoint joinPoint, XianMuAuthScope xianMuAuthScope) {
        // 获取当前的用户
        // 获取RequestAttributes
        RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
        // 从获取RequestAttributes中获取HttpServletRequest的信息
        HttpServletRequest request = (HttpServletRequest) requestAttributes.resolveReference(RequestAttributes.REFERENCE_REQUEST);
        String xiangmuType = request.getHeader("xiangmuType");
        Subject subject = SecurityUtils.getSubject();
        if (ObjectUtil.isNotEmpty(subject)) {
            Object object = redisConfig.get(subject.getSession().getId().toString());
            if (ObjectUtil.isNotEmpty(object)) {
                Object u = SecurityUtils.getSubject().getPrincipal();
                if (u instanceof UserModel) {
                    UserModel userModel = (UserModel) u;
                    if (ObjectUtil.isEmpty(userModel.getRoleId())) {
                        return;//超級管理員不管
                    } else {
                        StringBuilder sqlString = new StringBuilder();
                        sqlString.append(StringUtils.sqlformatXiangMuType(" OR {}xiangmu_type is null  or  {}xiangmu_type = '' OR {}xiangmu_type = '{}' ", xianMuAuthScope.deptAlias(),xianMuAuthScope.deptAlias(), xianMuAuthScope.deptAlias(), xiangmuType));
                        XIANG_MU_TYPE_LOCAL.set(" AND (" + sqlString.substring(4) + ")");
                    }
                } else {
                    return;
                }
            } else {
                return;
            }
        } else {
            return;
        }

    }
}
